0) { return ($id); } else { return false; } } function vhosts_sync_package() { global $config; if ($config['installedpackages']['vhosts']['config'] != "") { conf_mount_rw(); //sort the vhosts array $vhostarray = $config['installedpackages']['vhosts']['config']; if (count(vhostarray) > 1) { usort($vhostarray, 'sort_ipaddress'); usort($vhostarray, 'sort_host'); usort($vhostarray, 'sort_port'); } $vhostarray_http = ''; $vhostarray_https = ''; $x = 0; foreach ($vhostarray as $rowhelper) { if ($rowhelper['enabled'] != "false") { if (strlen($rowhelper['certificate']) > 0 && strlen($rowhelper['privatekey']) > 0) { $vhostarray_https[$x]['host'] = $rowhelper['host']; $vhostarray_https[$x]['ipaddress'] = $rowhelper['ipaddress']; $vhostarray_https[$x]['port'] = $rowhelper['port']; $vhostarray_https[$x]['directory'] = $rowhelper['directory']; $vhostarray_https[$x]['certificate'] = $rowhelper['certificate']; $vhostarray_https[$x]['privatekey'] = $rowhelper['privatekey']; $vhostarray_https[$x]['enabled'] = $rowhelper['enabled']; $vhostarray_https[$x]['description'] = $rowhelper['description']; } else { $vhostarray_http[$x]['host'] = $rowhelper['host']; $vhostarray_http[$x]['ipaddress'] = $rowhelper['ipaddress']; $vhostarray_http[$x]['port'] = $rowhelper['port']; $vhostarray_http[$x]['directory'] = $rowhelper['directory']; $vhostarray_http[$x]['certificate'] = ''; $vhostarray_http[$x]['privatekey'] = ''; $vhostarray_http[$x]['enabled'] = $rowhelper['enabled']; $vhostarray_http[$x]['description'] = $rowhelper['description']; $server_port = $rowhelper['port']; } $x++; } } unset($x); // HTTP configuration if (count($vhostarray_http) > 0) { $tmp = << "application/pdf", ".sig" => "application/pgp-signature", ".spl" => "application/futuresplash", ".class" => "application/octet-stream", ".ps" => "application/postscript", ".torrent" => "application/x-bittorrent", ".dvi" => "application/x-dvi", ".gz" => "application/x-gzip", ".pac" => "application/x-ns-proxy-autoconfig", ".swf" => "application/x-shockwave-flash", ".tar.gz" => "application/x-tgz", ".tgz" => "application/x-tgz", ".tar" => "application/x-tar", ".zip" => "application/zip", ".mp3" => "audio/mpeg", ".m3u" => "audio/x-mpegurl", ".wma" => "audio/x-ms-wma", ".wax" => "audio/x-ms-wax", ".ogg" => "audio/x-wav", ".wav" => "audio/x-wav", ".gif" => "image/gif", ".jpg" => "image/jpeg", ".jpeg" => "image/jpeg", ".png" => "image/png", ".xbm" => "image/x-xbitmap", ".xpm" => "image/x-xpixmap", ".xwd" => "image/x-xwindowdump", ".css" => "text/css", ".html" => "text/html", ".htm" => "text/html", ".js" => "text/javascript", ".asc" => "text/plain", ".c" => "text/plain", ".conf" => "text/plain", ".text" => "text/plain", ".txt" => "text/plain", ".dtd" => "text/xml", ".xml" => "text/xml", ".mpeg" => "video/mpeg", ".mpg" => "video/mpeg", ".mov" => "video/quicktime", ".qt" => "video/quicktime", ".avi" => "video/x-msvideo", ".asf" => "video/x-ms-asf", ".asx" => "video/x-ms-asf", ".wmv" => "video/x-ms-wmv", ".bz2" => "application/x-bzip", ".tbz" => "application/x-bzip-compressed-tar", ".tar.bz2" => "application/x-bzip-compressed-tar" ) # Use the "Content-Type" extended attribute to obtain mime type if possible #mimetypes.use-xattr = "enable" #### accesslog module #accesslog.filename = "/dev/null" ## deny access the file-extensions # # ~ is for backupfiles from vi, emacs, joe, ... # .inc is often used for code includes which should in general not be part # of the document-root url.access-deny = ( "~", ".db" ) ######### Options that are good to be but not neccesary to be changed ####### ## bind to port (default: 80) server.port = {$server_port} EOF; $ipaddress_previous_value = ''; $host_previous_value = ''; $port_previous_value = ''; $ipaddress_and_port_previous_value = ''; $x = 1; foreach ($vhostarray_http as $rowhelper) { if ($rowhelper['enabled'] != "false") { $host = $rowhelper['host']; $ipaddress = $rowhelper['ipaddress']; $port = $rowhelper['port']; $directory = $rowhelper['directory']; if (strlen($rowhelper['certificate']) > 0) { $certificate = base64_decode($rowhelper['certificate']); } if (strlen($rowhelper['privatekey']) > 0) { $privatekey = base64_decode($rowhelper['privatekey']); } // Set directory default to the host if (strlen($directory) == 0) { $directory = $host; } // If the vhost directory doesn't exist then create it safe_mkdir("/usr/local/vhosts/{$directory}"); if (!file_exists("/usr/local/vhosts/{$directory}/index.php")) { $index_file = "/usr/local/vhosts/{$directory}/index.php"; $index_tmp = "\n"; $fout = fopen($index_file, "w"); fwrite($fout, $index_tmp); fclose($fout); unset($index_file); } // Set the default port if (strlen($port) == 0) { $port = '8001'; } if ($ipaddress . ':' . $port != $ipaddress_and_port_previous_value) { if ($x > 1) { $tmp .= "}\n\n"; } $tmp .= "\$SERVER[\"socket\"] == \"" . $ipaddress . ":" . $port . "\" {\n"; } $tmp .= " \$HTTP[\"host\"] == \"" . $host . "\" {\n"; $tmp .= " server.document-root = \"/usr/local/vhosts/" . $directory . "\"\n"; // Enable SSL if the cert and key were both provided if (strlen($rowhelper['certificate']) > 0 && strlen($rowhelper['privatekey']) > 0) { $pem_file = "/var/etc/cert-vhosts-{$ipaddress}-{$port}.pem"; $fout = fopen($pem_file, "w"); fwrite($fout, $certificate.PHP_EOL.$privatekey); fclose($fout); $tmp .= " ssl.pemfile = \"" . $pem_file . "\"\n"; $tmp .= " ssl.engine = \"enable\"\n"; unset($pem_file); } if (count($vhostarray_http) > 0) { $tmp .= " }\n"; } $ipaddress_previous_value = $ipaddress; $host_previous_value = $host; $port_previous_value = $port; $ipaddress_and_port_previous_value = $ipaddress.':'.$port; $x++; } } $tmp .= << ( "localhost" => ( "socket" => "/tmp/php5-fastcgi.socket", "min-procs" => 1, "max-procs" => 1, "idle-timeout" => 0, "bin-environment" => ( "PHP_FCGI_MAX_REQUESTS" => "500", "PHP_FCGI_CHILDREN" => "1" ), "bin-path" => "/usr/local/bin/php" ) ) ) #### CGI module cgi.assign = ( ".cgi" => "" ) EOF; $fout = fopen("/var/etc/vhosts-http.conf", "w"); fwrite($fout, $tmp); unset($tmp); fclose($fout); // END (if count(vhostarray_http) > 0) } // HTTPS configuration $ipaddress_previous_value = ''; $host_previous_value = ''; $port_previous_value = ''; $ipaddress_and_port_previous_value = ''; $x=1; if (count($vhostarray_https) > 0) { foreach($vhostarray_https as $rowhelper) { if ($rowhelper['enabled'] != "false") { $host = $rowhelper['host']; $ipaddress = $rowhelper['ipaddress']; $port = $rowhelper['port']; $directory = $rowhelper['directory']; $description = $rowhelper['description']; if (strlen($rowhelper['certificate']) > 0) { $certificate = base64_decode($rowhelper['certificate']); } if (strlen($rowhelper['privatekey']) > 0) { $privatekey = base64_decode($rowhelper['privatekey']); } // Set directory default to the host if (strlen($directory) == 0) { $directory = $host; } // If the vhost directory doesn't exist then create it safe_mkdir("/usr/local/vhosts/{$directory}"); if (!file_exists("/usr/local/vhosts/{$directory}/index.php")) { $index_file = "/usr/local/vhosts/{$directory}/index.php"; $index_tmp = "\n"; $fout = fopen($index_file, "w"); fwrite($fout, $index_tmp); fclose($fout); unset($index_file); } // Set the default port if (strlen($port) == 0) { $port = '443'; } $tmp =<< "application/pdf", ".sig" => "application/pgp-signature", ".spl" => "application/futuresplash", ".class" => "application/octet-stream", ".ps" => "application/postscript", ".torrent" => "application/x-bittorrent", ".dvi" => "application/x-dvi", ".gz" => "application/x-gzip", ".pac" => "application/x-ns-proxy-autoconfig", ".swf" => "application/x-shockwave-flash", ".tar.gz" => "application/x-tgz", ".tgz" => "application/x-tgz", ".tar" => "application/x-tar", ".zip" => "application/zip", ".mp3" => "audio/mpeg", ".m3u" => "audio/x-mpegurl", ".wma" => "audio/x-ms-wma", ".wax" => "audio/x-ms-wax", ".ogg" => "audio/x-wav", ".wav" => "audio/x-wav", ".gif" => "image/gif", ".jpg" => "image/jpeg", ".jpeg" => "image/jpeg", ".png" => "image/png", ".xbm" => "image/x-xbitmap", ".xpm" => "image/x-xpixmap", ".xwd" => "image/x-xwindowdump", ".css" => "text/css", ".html" => "text/html", ".htm" => "text/html", ".js" => "text/javascript", ".asc" => "text/plain", ".c" => "text/plain", ".conf" => "text/plain", ".text" => "text/plain", ".txt" => "text/plain", ".dtd" => "text/xml", ".xml" => "text/xml", ".mpeg" => "video/mpeg", ".mpg" => "video/mpeg", ".mov" => "video/quicktime", ".qt" => "video/quicktime", ".avi" => "video/x-msvideo", ".asf" => "video/x-ms-asf", ".asx" => "video/x-ms-asf", ".wmv" => "video/x-ms-wmv", ".bz2" => "application/x-bzip", ".tbz" => "application/x-bzip-compressed-tar", ".tar.bz2" => "application/x-bzip-compressed-tar" ) # Use the "Content-Type" extended attribute to obtain mime type if possible #mimetypes.use-xattr = "enable" #### accesslog module #accesslog.filename = "/dev/null" ## deny access the file-extensions # # ~ is for backupfiles from vi, emacs, joe, ... # .inc is often used for code includes which should in general not be part # of the document-root url.access-deny = ( "~", ".db" ) ######### Options that are good to be but not neccesary to be changed ####### ## bind to port (default: 80) server.port = {$port} EOF; // Enable SSL if the cert and key were both provided $pem_file = "/var/etc/cert-vhosts-{$ipaddress}-{$port}.pem"; $fout = fopen($pem_file, "w"); fwrite($fout, $certificate.PHP_EOL.$privatekey); fclose($fout); $tmp .= "## ssl configuration\n"; $tmp .= "ssl.pemfile = \"" . $pem_file . "\"\n"; $tmp .= "ssl.engine = \"enable\"\n"; unset($pem_file); $tmp .= << ( "localhost" => ( "socket" => "/tmp/php5-fastcgi.socket", "min-procs" => 1, "max-procs" => 1, "idle-timeout" => 0, "bin-environment" => ( "PHP_FCGI_MAX_REQUESTS" => "500", "PHP_FCGI_CHILDREN" => "1" ), "bin-path" => "/usr/local/bin/php" ) ) ) #### CGI module cgi.assign = ( ".cgi" => "" ) EOF; $fout = fopen("/var/etc/vhosts-{$ipaddress}-{$port}-ssl.conf", "w"); fwrite($fout, $tmp); unset($tmp); fclose($fout); write_rcfile(array( "file" => "vhosts-{$ipaddress}-{$port}-ssl.sh", "start" => "/usr/local/sbin/lighttpd -f /var/etc/vhosts-{$ipaddress}-{$port}-ssl.conf", "stop" => "kill `cat /var/run/vhosts-{$ipaddress}-{$port}-ssl.pid`" ) ); // Add or update a service $ent['name'] = "vhosts-ssl-{$x}"; $ent['rcfile'] = "vhosts-{$ipaddress}-{$port}-ssl.sh"; $ent['executable'] = "vhosts-{$ipaddress}-{$port}-ssl"; $ent['description'] = "vHosts SSL, Host: {$host}, IP Address: {$ipaddress}, port: {$port}, desc: {$description}"; $ent['custom_php_service_status_command'] = "\$vhost_output=''; exec('/bin/pgrep -anf '.".escapeshellarg($ent['executable']).", \$vhost_output, \$retval); \$rc=(intval(\$retval) == 0);"; $a_service = $config['installedpackages']['service']; $service_id = get_service_id ($a_service, 'name', "vhosts-ssl-{$x}"); if (is_int($service_id)) { // Update $a_service[$service_id] = $ent; } else { // Add $a_service[] = $ent; } // END if enabled } $x++; // END foreach } // END if array count } write_config(); conf_mount_ro(); } } function vhosts_install_command() { global $config; conf_mount_rw(); safe_mkdir("/usr/local/vhosts/"); write_rcfile(array( "file" => "vhosts-http.sh", "start" => "/usr/local/sbin/lighttpd -f /var/etc/vhosts-http.conf", "stop" => "kill `cat /var/run/vhosts-http.pid`" ) ); vhosts_sync_package(); } function vhosts_deinstall_command() { conf_mount_rw(); stop_service("vhosts-http"); unlink_if_exists("/usr/local/etc/rc.d/vhosts-http.sh"); exec("/bin/rm -f /usr/local/etc/rc.d/vhosts*"); exec("/bin/rm -f /var/etc/vhosts*"); exec("/bin/rm -rf /usr/local/www/packages/vhosts"); conf_mount_ro(); } ?>